certificate saml-2.0 okta ocsp certificate-revocation

Okta certificate revocation


I am using Okta for SAML sign-on. I need to change Okta's default self-signed certificate and use a certificate signed by a third party. I need this because I need to revoke the Okta certificate, check the OCSP flow on my server, and check whether Okta authentication is rejected. Is this supported in Okta? Please help.


Solution

  • Check this API - https://developer.okta.com/docs/reference/api/apps/#publish-csr-for-application

    I haven't tried it on my own, but it seems it should work for you. The only thing is that you first need to generate a CSR for the app inside Okta, get it out of Okta, sign it with whatever CA, and then load the signed cert back with the API I posted above.

    All the steps before that are also covered on the page I shared the link to.
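
The "sign it with whatever CA" step from the answer, sketched as an added example (not from the original post or from Okta): a throwaway CA signs the CSR and embeds an OCSP responder URL, and the result is checked before it is uploaded. The CA, the stand-in CSR, the function names and `OCSP_URL` are constructed placeholders, and the CSR is assumed to be in PEM form.

```shell
#!/bin/sh
# Added example: constructed test CA and stand-in CSR; not Okta's own tooling.
set -eu
OCSP_URL="http://ocsp.test-ca.example/"   # placeholder responder URL (assumption)

# Throwaway CA for the test: writes ca.key and ca.pem into directory $1.
make_test_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=Constructed Test CA" \
    -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
}

# Stand-in for the CSR exported from Okta (in the real flow Okta keeps the key).
make_sample_csr() {
  openssl req -new -newkey rsa:2048 -nodes \
    -subj "/CN=constructed-okta-app" \
    -keyout "$1/app.key" -out "$1/app.csr" 2>/dev/null
}

# Sign PEM CSR $2 with the CA in $1 and write the certificate to $3.
# The authorityInfoAccess extension carries the OCSP URL a relying server queries.
sign_csr() {
  printf 'basicConstraints = CA:FALSE\nkeyUsage = critical,digitalSignature\nauthorityInfoAccess = OCSP;URI:%s\n' \
    "$OCSP_URL" > "$1/leaf.cnf"
  openssl x509 -req -in "$2" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
    -CAcreateserial -days 30 -sha256 \
    -extfile "$1/leaf.cnf" -out "$3" 2>/dev/null
}

# Pre-upload checks on cert $3: chains to the CA in $1, carries the same
# public key as CSR $2, and contains an OCSP URL.
check_cert() {
  openssl verify -CAfile "$1/ca.pem" "$3" >/dev/null 2>&1 \
    || { echo "chain"; return 1; }
  [ "$(openssl req -in "$2" -noout -pubkey)" = "$(openssl x509 -in "$3" -noout -pubkey)" ] \
    || { echo "key mismatch"; return 1; }
  [ -n "$(openssl x509 -in "$3" -noout -ocsp_uri)" ] \
    || { echo "no OCSP URL"; return 1; }
  echo "ok"
}

# Run the whole flow on constructed input when called with "demo".
if [ "${1:-}" = "demo" ]; then
  d=$(mktemp -d); make_test_ca "$d"; make_sample_csr "$d"
  sign_csr "$d" "$d/app.csr" "$d/app.pem"
  check_cert "$d" "$d/app.csr" "$d/app.pem"
fi
```

Revocation itself happens at the CA, and the server only rejects the assertion if it actually queries the responder named in the certificate (or one configured locally) when validating the signing certificate.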